deploy-sourcegraph/base/node-exporter/node-exporter.DaemonSet.yaml at db14b177357c5dd134546c7d540bf855403a027c · sourcegraph/deploy-sourcegraph · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
apiVersion: apps/v1
kind: DaemonSet
metadata:
  annotations:
    description: DaemonSet to ensure all nodes run a node-exporter pod.
    seccomp.security.alpha.kubernetes.io/pod: 'docker/default'
  labels:
    deploy: sourcegraph
    app: node-exporter
    app.kubernetes.io/component: node-exporter
  name: node-exporter
spec:
  selector:
    matchLabels:
      app: node-exporter
  template:
    metadata:
      annotations:
        description: Collects and exports machine metrics.
        kubectl.kubernetes.io/default-container: node-exporter
      labels:
        deploy: sourcegraph
        app: node-exporter
    spec:
      containers:
      - name: node-exporter
        image: index.docker.io/sourcegraph/node-exporter:6.3.0@sha256:259529e04f754a7b53b43c4a7a191638651bd416d8a77d01eff51b64b0d490d6
        imagePullPolicy: IfNotPresent
        resources:
          limits:
            cpu: '1'
            memory: 1Gi
          requests:
            cpu: 200m
            memory: 100Mi
        args:
        - --web.listen-address=:9100
        - --path.sysfs=/host/sys
        - --path.rootfs=/host/root
        - --path.procfs=/host/proc
        - --no-collector.wifi
        - --no-collector.hwmon
        - --collector.filesystem.ignored-mount-points=^/(dev|proc|sys|var/lib/docker/.+|var/lib/kubelet/pods/.+)($|/)
        - --collector.netclass.ignored-devices=^(veth.*)$
        - --collector.netdev.device-exclude=^(veth.*)$
        env:
        securityContext:
          allowPrivilegeEscalation: false
          readOnlyRootFilesystem: true
          runAsGroup: 65534
          runAsUser: 65534
        volumeMounts:
        - name: rootfs
          mountPath: /host/root
          mountPropagation: HostToContainer
          readOnly: true
        - name: sys
          mountPath: /host/sys
          mountPropagation: HostToContainer
          readOnly: true
        - name: proc
          mountPath: /host/proc
          mountPropagation: HostToContainer
          readOnly: true
        ports:
        - name: metrics
          containerPort: 9100
          protocol: TCP
        readinessProbe:
          failureThreshold: 3
          httpGet:
            scheme: HTTP
            port: metrics
          initialDelaySeconds: 0
          periodSeconds: 10
          successThreshold: 1
          timeoutSeconds: 1
        livenessProbe:
          failureThreshold: 3
          httpGet:
            scheme: HTTP
            port: metrics
          initialDelaySeconds: 0
          periodSeconds: 10
          successThreshold: 1
          timeoutSeconds: 1
        terminationMessagePolicy: FallbackToLogsOnError
      automountServiceAccountToken: false
      terminationGracePeriodSeconds: 30
      securityContext:
        fsGroup: 65534
        runAsGroup: 65534
        runAsNonRoot: true
        runAsUser: 65534
      nodeSelector:
      affinity:
      tolerations:
      hostPID: true
      volumes:
      - name: rootfs
        hostPath:
          path: /
      - name: sys
        hostPath:
          path: /sys
      - name: proc
        hostPath:
          path: /proc